How to clean a infected computer?

Losing performance should not be a issue anymore with the SATA III -SSD-drives.

My mother's old laptop with Windows XP SP3 runs with the default firewall, router firewall and Sandboxie. Not a single problem has arisen related to security. And her stage of understanding computers is "What was that... fox fire again? A browser? You mean the internet?"

I feel that users are misguided heavily nowadays. The mentioned setup is so much simpler and easier to use than 5 real-time scanners and a paranoid HIPS.

 

I have just read the above thread fully.
I'd like to comment as follows:
1) Despite the thread title there is no sound simple step by step procedure advice.
2) Much of what is here constitutes discussion between experts. And there is clearly no agreement about the optimum methods suggested.
3) There seems to be a failure to recognise that ordinary users are just that, ordinary! Most will have spent considerable effort to learn the programs they use, fight to get results with poor SW & constantly cope with upgrades & updates. It's hard enough to purchase reliable CD/DVD media let alone figure how to actually save key data.
4) And what is key data, how do you save your email, that's something MS have just forgotten about, the process is complex & I at least have to read my own saved instructions every time I attempt it.
And what the heck is a an image, what do you copy. If you use a rescue disc it's true the process is defined for you but what if you have a nagging suspicion that you may have either corrupted program(s) or some form of malware? I have two rescue discs one is about a year old the other 6 months; I have no idea whether they would work because there is no inbuilt check procedure to start with & you read all the time about PC's refusing to boot with such discs.
5) Last time I looked I had over 45 MS win7-64 updates alone. What happens every few weeks when more show up, do you need a new rescue disk?
6) Yes I have Sandboxie, but absolutely no idea how to use it. Great program but they forgot to build in simple routines. BTW when can you decide that a trial program that seems OK in the sandbox need no longer be so protected. What if you get it wrong & you become infected, can't use SB forever?
7) I estimate I spend almost as much tile on security/updates/scans & reading the likes of this site - as I do actually doing any work.
For Example just today I spent hours attempting to get rid of Bonjour which I never authorised in the first place. Thanks Apple & MS. My research via Google consisted of dated advice (that mostly seemed to ignore win7) asking me to open a command prompt. That's the 2011 equivalent of suggesting a car driver does his own vehicle diagnostics, some will be able & others will not But this is just crap how long will it take before we see some dependable protocols about installing & uninstalling, just as one example?
9) I'll bet none of you here have ever presented easy to follow written procedural advice (relevant to the OS) to any of those annoying people who "would just not listen". And you have the gall to complain?

 

Well Sandboxie is quite a steep learning curve program. You're not the first person to have a hard time knowing exactly how to use it. I would recommend a new user to Sandboxie designating one browser for everyday surfing inside the sandbox, and that browser only comes out for updates, etc. And have a designated browser, say IE, for banking ... essentially having browsers for different purposes. You have to set up Sandboxie sandboxes to be highly inflexible, not allowing anything to run that you haven't permitted to run, this is for the real advantages of Sandboxies protection (nothing is 100%, remember though).

So if you have any applications you use that you don't want in such a rigid format try having an alternative application without Sandboxie protection, or better still running that application with no restrictions in the sandbox. If you look in the applications section under browsers, and so on, you can find default settings that will often help you have a functioning browser within the sandbox, to make life easier. But you might just have to figure it out yourself through trial and error - you won't damage anything trying. I've found that Sandboxie has pretty dedicated users willing to help solve problems so don't be afraid to ask for help. The Sandboxie forum is a good place to go directly if you have an issue. The Sandboxie threads here at Wilders are full of good tips and detail - there are plenty of them in the search.

But like I said, to have as near to 100% as you cant get ... there is a lot of mixing and matching sandbox restrictions ... what can run ... and what can't ... what can access the internet ... and what can't, etc - if you implement the restrictions inside the sandbox for a browser, you will then get an idea how things are going to work with other applications that you may want to protect with restricted sandboxes. You are aiming for the absolute bare bones running inside a sandbox. These tweaks are what turn a lot of users off from adding restrictions. You'll find some applications you use the most wont run with restrictions added. But it is only trial and error (overly using this, but it's true) to get them working right with an application (and of course plenty of asking for help).

I don't use an anti virus anymore. I sandbox everything that accesses the internet, so yeah I have to do a lot of detective work to find out what is safe and what isn't. Essentially Sandboxie is a very geeky, for enthusiasts, IMO, or at least should be set up on a newbies computer by a Sandboxie enthusiast. A steep learning curve, but it's worth hanging in there (don't be shy about asking for help).

 

No scanner is 100% no matter how many you run it will always leave the chance that 1 remains.

Wipe the computer and reinstall os with a FW, a top 5 AV with RT scanning.

You wiil find this fails as well UNLESS you clean up the USB source of the problems. But again scanning is not 100%. Wipe the USB as well.

Now you know why image backups of programs and data is needed.

So you can restore without rebuilding.

 

Yep, wipe & reimage kicks the stuffing out of the malware scan & clean approach.

Agree with all except maybe the most up to date part. The most recent image may not have the latest security and software patches, but it sure doesn’t take much effort to get things up to speed after the image is installed.

Agree!

Agree!

I get mostly looks of doubt or blank stares when I mention this approach.

 

Reinstall.

 

If you re-install, you'll need to download the same patches and more. That is unless you've customized the disc, which isn't as convenient as disk imaging.

 

Totally agree. Thats why i´m using this avatar...

 

True enough. I guess whether one re-installs or restores an image, it would be prudent to install latest patches for everything, but it would certainly be more urgently required for a re-install, since everything will be way out of date.

 

"System Sweeper": Microsoft releases free AV software that boots from CD or USB

http://www.h-online.com/security/ne...ftware-that-boots-from-CD-or-USB-1254112.html